I have a Java web app that intermittently loses session data. The problem only occurs with users on IE8. I have used IEWatch to monitor the http traffic, and it seems that the correct session cookies are being sent (JSESSIONID2).
When the request gets to the server the session has become unbound from the custom session monitor (this uses HttpBindingListener).
As I have mentioned this problem is intermittent and I have even gone through a transaction with the customer doing exactly the same thing on my machine - however I was unable to replicate their problem. It should also be noted that the transaction fails at the same point every time for all users experiencing this - it one the second page of a 4 page wizard type transaction.
Any help will be gratefully received.
Nige
Yep, I did find the problem.
I use DWR for AJAX stuff and there is an issue with DWRUtil.useLoadingMessage().
See http://directwebremoting.org/dwr/browser/util/useLoadingMessage.html
So this caused an execption, which went to an error page (jsp) which had an invalidate session statement on it.
Took me bloody ages to find it.
I hope this helps you, but I somehow doubt it :)
Nige
Related
Whenever I use google chrome to hit my application, almost any requests that I make are not hitting the rest service. However, I can login and hit the rest service, the problem is once I get to the home page, any requests after the initial login all fail. Instead it seems like the session is becoming invalidated. I checked some other stack overflow threads and saw this may have to do with a 302 error occurring when the browser is trying to load the favicon.ico. I can see in the network tab of my developer tools that this is infact getting a 302. I am unsure if this is the actual issue and or is there is another issue.
I have a selenium script that runs fine but when I am executing the same script in loop it stops after some time (1 to 2 hours).
Following is the error:
INFO: ERROR in Record- session d5609515-432f-4b01-b93d-b3b5571e009d does not exist
Kindly help me.
It's seems that in that process you have time that the page not changing and the session expires, for example in bank account's sites if there is no action on page it will kill your session after x seconds.
keep always focus on the website even if you processing other thing's
Exception: ERROR in Record- session
d5609515-432f-4b01-b93d-b3b5571e009d does not exist
tells you that you trying to use driver for any propose with session identification that not exist expired, for what i know it's session timeout
one more important thing if you have to do your script for (1 to 2 hours) you need to think about ways to split it for better results, it's internet and it's not always stable.
Session Has Expired error on the Internet
ErrorWhen browsing a website that is database driven, requires a
login, or is secured, you may see a "Session Expired" or "Session Has
Expired" error. The causes of these error messages are detailed in the
following sections.
Inactivity - If you have not been doing anything on the page for a set length of time (often 10-30min) the server will time out your
session. This is often done for security reasons and to help increase
the overall speed of the web page. In other words if you were browsing
the page and get up and leave, go to lunch, or start browsing other
pages when you come back you need to re-login and create a new
session.
Date or time not correct - Make sure the date and time are properly set on your computer.
Cookies - If you are browsing anonymously or your browser does not have cookies enabled it causes many sessions to fail. Make sure your
Internet cookies are enabled.
Firewall or proxy - If you are connecting to the Internet behind a firewall or through a proxy the firewall or proxy may be restricting
or prohibiting the session from being established.
Other site related issue - If this issue is only occurring on a certain site and you're not encountering any of the above-related
issues it's possible that it could be the site encountering an issue.
Contact the company or Webmaster to verify the problem is not on their
end.
Code:
Jsoup.connect("http://www.warriorforum.com/").followRedirects(true).get();
Log cat error:
10-14 11:58:08.593: ERROR/MY(24780): TRY1: download failed java.io.IOException: Too many redirects occurred trying to load URL http://www.warriorforum.com/
As you can see in Jsoup Connection class the exception is thrown in private Response(Response previousResponse) throws IOException when redirect count exceeds private static final int MAX_REDIRECTS = 20;
Worked about 12h ago fine, but something has changed on the host side and I can't figure out what. When viewing the url with browser, there doesn't seem to be any redirects. What is causing this error?
EDIT - accessing subforums and topics with Jsoup.connect(url).get() is working, but not the main page.
If I open the URL in my browser (Chrome), I get "This webpage has a redirect loop". It responds with a 301 and the very same URL as the new Location (http://www.warriorforum.com/).
Maybe the website is still cached in the browser? Maybe the redirect depends on client specifics (like language, country, browser, ...)?
Use WireShark to take a snapshot/trace of when it happens, then you can send it to the admins of the site for them to debug.
I had the same issue and as all ways I came to source to figure it out.
So reading others complain about similar issues I've figure it out (smart ass) and here it is for anyone likes too many opinions.
As the issue is clearly a loop issue, it has to do with the web site request and your browser's cache (authentication session perhaps).
In my case there was no internal (website ) router (rewrites or similar case) and solve it by scale the request. Otherwise a clean browsers cache might solve the issue otherwise clean all cookies (session) that related to this domain. Doesn't heart to check with other browsers if available. If different browsers have the same issue and your cache is clean (as...) and the web page request is clean (headers POST/GET/PUT ctr) then it's out of your hands. Give it up.
Check an other web page. It's a vast field out there.
P.S. Good morning stackoverflowers !!!
So I went through the steps to build a basic roo application here: http://static.springsource.org/spring-roo/reference/html/beginning.html
I started up my server and started playing with the app, couldn't help but notice that there's a 'jsessionid' in my url:
http://localhost:8080/pizzashop/pizzas;jsessionid=0A8EA5D9E8665C8AC80F141C3818F6BA?form
I don't care for this at all! Why does it need a session id in the URL? Can I get rid of this? It does not seem RESTful to have this there.
This is standard JavaEE behavior, and is dictated and controlled by the servlet container. It has nothing to do with Spring.
See this previous question to find out why and when it gets created, and how to avoid it.
I didn't see this answer in the other question so I wanted to explain it. The way sessions work in java and I think php, is when the client first comes it, it creates a cookie and appends JESSIONID to all the urls that used <c:url/> tag. The reason it does this is because the first time the client visits the page, the server has no idea if the client supports cookies. So it does both. Next time, since it sees the cookie, it will actually not use URLs anymore because it knows cookies worked.
There is a lot of ways to disable this. If you are not using sessions at all then you can disable cookies by putting cookies=false in context.xml. This only disables cookies for the session and not regular cookies. You can then use urlrewrite to stip the sessionid.
Hope that helps.
What app server are you using? I know that Weblogic at least will always do a URL encoded session, as well as a cookie based session, on the first call at least, to see if cookies are enabled on the client. If it can't find the cookie that matches the URL session id on the next call, it will continue using the session token from the URL. I know when they switched our company over to using Sharepoint for web crawling and search the windows web guys whined for a LONG time about the issue, until they finally understood that all they had to do was turn on cookie session support.
In my case this was happening when the application was deployed on my desktop and not using https. In which case in weblogic.xml, cookie-secure should be set to false. Otherwise cookie managed session ID will only work over https.
<wls:cookie-secure>false</wls:cookie-secure>
I am having problems in Java while managing sessions. All works perfect(I create and get/set values in the session), until I redirect with a link (the link is in a JSP). Then, the session is lost.
My server is Tomcat, and my browser is a Firefox browser. I am using Struts 2.
Thanks for your time ;-)
The standard time for the session to automatically get erased is about 30 minutes (for example in Tomcat), but it depends on the configuration.
If you write session.invalidate(), your session gets erased too.
Your session gets automatically lost if you close every tab in the browser you opened the session (even is you have other windows with the same browser).
Is your link inside the same application server? If it does, it shouldn't get lost if you are not doing things I said before.
If you accept cookies in your navigator, your code may call invalidate() when you go on this page. Check filters too.
One possibility is that your current session cookie is marked as "secure", and the 'href' is an "http:" link. This will cause the browser to not send the cookie, and depending on your webapp structure a new session may then be created automatically.